Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Troubles to make SSO work

Hi!

I can not make SSO with crowd working. I have set up SSO, as desribed in the articles for Jira and Confluence, but can not make it work.

If I log in to Jira with a Crowd User and then change to Confluence I have to log in again.
I have checked the cookies. The Crowd Cookie seems to be there, like you can see here:

Cookie.png

This cookie somehow seems to be ignored on my Jira, Confluence and crowd.

The urls I have set up for Jira, Confluence and Crowd are:
https://jira.braunstein-web.com/
https://confluence.braunstein-web.com/
https://crowd.braunstein-web.com:8096/crowd/

So they all are sharing the braunstein-web.com domain.

The crowd directory for Jira and Confluence is set up correctly with the above url and is working. Just Single Sign On does not work.

The username I use is "armin". This user is inside the groups "jira-administrators", "jira-users", "confluence-administrators", "confluence-users", "crowd-administrators".

On Jira I am using the SSOSeraphAuthenticator, on Confluence the ConfluenceCrowdSSOAuthenticator.

I also tried to switch off the "Require consistent client IP address", but also did not help.

Please find the debugging log of crowd here:

http://greentacarcuna.com/files/atlassian-crowd.log

4 answers

Is there really no possible solution for this?

If that is how Atlassian is caring about issues of customers, then I maybe better should not use Jira if my company grows bigger..

I bought crowd actually only for having SSO, and now I can not use it, even, at least it seems, the configuration is done correctly.

I know it's only the "community support", but in the community support description it's written, that, if no answer comes from the community, Atlassian members will care about. But so far no reaction from Atlassian. The bigger licenses would really cost not so less money, that makes a bit worry if it will be also like that, if I need a higher license..

0 votes

@Armin Cheng I am sorry for my late reply but we must have missed your post earlier. Is this problem still occurring?

Hi Marek! Yes, I still was not able to solve the problem. 

Ok thanks @Armin Cheng for your quick answer. I wanted also to thank you for buying Crowd and let you know that we are working on improvements of SSO. The current functionality of course should work for you properly so we will look into that and let you know. 

@Marcin Kempa can you please advice something here?

0 votes
Marcin Kempa Atlassian Team Dec 08, 2018

Hi @Armin Braunstein,

 

Please accept our apologies for not reacting earlier on your request.

As I understand you problem is that you have:

  • Jira
  • Confluence
  • Crowd

set in the same domain.

All of them have the same user directories configured in Crowd (so Jira and Confluence have same ldap or internal directories in the same order configured inside Crowd application).

You have configured seraph.xml files in both Jira and Confluence to use SSO authentication with Crowd (also the crowd.properties files in those applications properly points to Crowd).

When you log in to Jira and then navigate to Confluence you need to login again as the session is not automatically authenticated.

The crowd.token_key cookie is properly set on that domain.

Is that a fair summary of your issue?

 

I had a look at your log file, and it looks like there are errors indicating that password did not match. Would it be possible that the directories are not configured in different order for those applications?

In order to investigate this issue further please provide har file of you trying to login to those applications and support zips of all applications in your setup (those will include log files)

If possible I would suggest opening a support case, so that we could exchange files easily not exposing any sensitive data if that is not possible due to licensing restrictions please send us those files at mkempa@atlassian.com and we will try to help you with that.

Best Regards,

Marcin Kempa

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Asked in Jira Service Management

JSM June ask me anything (AMA)

Hello Community members! We’re wrapping up the end of JSM June with an Ask Me Anything (AMA) with the Jira Service Management product team. This is your chance to ask all your ITSM questions to o...

239 views 12 14
View question

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you